From owner-freebsd-security Sun Jun 30 14:11:56 1996 Return-Path: owner-security Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id OAA17645 for security-outgoing; Sun, 30 Jun 1996 14:11:56 -0700 (PDT) Received: from ulc199.residence.gatech.edu (root@ulc199.residence.gatech.edu [199.77.162.99]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id OAA17636 for ; Sun, 30 Jun 1996 14:11:53 -0700 (PDT) Received: (from ken@localhost) by ulc199.residence.gatech.edu (8.7.5/8.7.3) id RAA23445 Sun, 30 Jun 1996 17:11:43 -0400 (EDT) From: Kenneth Merry Message-Id: <199606302111.RAA23445@ulc199.residence.gatech.edu> Subject: Re: I need help on this one - please help me track this guy down! To: taob@io.org (Brian Tao) Date: Sun, 30 Jun 1996 17:11:42 -0400 (EDT) Cc: security@freebsd.org In-Reply-To: from Brian Tao at "Jun 30, 96 12:43:57 pm" X-Mailer: ELM [version 2.4ME+ PL15 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-security@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > On Sun, 23 Jun 1996, Terry Lambert wrote: > > > > 9) Make sure you aren't running routed -q. > > Why not? It depends on what your network setup looks like. If you control all the machines on your subnet, there's no problem with running routed -q. If you don't control all the machines on your subnet, it can be very dangerous, since it will believe anyone who claims to be the default router. I ran into that once when I put my machine on the dorm network here at GT. A couple of guys with Linux boxes were running routed -g -s, and so all of my outbound packets wound up going to their machines. It turned out that whatever distribution of Linux they had (old version of slackware, perhaps?) enabled those options on routed by default. (They were pretty clueless, and it didn't appear to be a malicious thing.) Since then, I've always made a point of disabling routed, and hard-coding default routes, so I don't get any nasty surprises. Ken -- Kenneth Merry ken@ulc199.residence.gatech.edu Disclaimer: I don't speak for GTRI, GT, or Elvis.